llm-app-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly defines and uses web search tools (e.g., the "search_web" function in the FunctionCalling pattern and the ReAct pattern's search action) that retrieve and consume open/public web search results/observations as part of the agent's reasoning, exposing it to untrusted third-party user-generated content.